By Ann Longmore-Etheridge
Online service providers need to bulk up on security or risk a major loss of customers.
In the aftermath of the massive hacking of Sony's PlayStation Network that potentially exposed the personal details of more than 100 million users, Computerweekly.com has spoken to cybersecurity experts and finds them in agreement: Online service providers need to bulk up on security or risk a major loss of customers.
As information theft victims, Sony's customers will now have to change online passwords and closely monitor their bank accounts for fraudulent activities, an onerous outcome that will surely factor into the number of users who continue to patronize the Sony games service. Customers often refuse to deal again with companies that have lost their confidential data. The article cites a OnePoll survey of 5,000 United Kingdom consumers that found 66 percent of those surveyed would try to avoid future interactions with organizations found to have lost confidential data, and 17 percent would vow never to do business with the companies again.
The experts interviewed for the article recommended that online service providers reevaluate their security controls and consider creating a layered identity verification strategy--for example, a one-time-password approach, using tokens or smartcard devices, which provides an additional security layer to usernames and passwords to secure online transactions.
The experts recommend that online service providers seek out independent experts to assess their systems and make recommendations for more robust security. This should include the use of penetration testers.
Raising security awareness was also stressed, with the experts calling for ongoing awareness programs. Another way to counter hackers, experts said, was information sharing and cooperation between organizations to identify and repulse security threats.
"If targeted companies such as Sony are more forthcoming with their advice and information on security breaches, and consumers become more proactive with how they manage their e-mail accounts, the threat of serious attacks should be lessened," Computerweekly.com reports.
♦ Photo by bdu/Flickr